RDS databases should not be publicly accessible

rds
This page is not yet available in Spanish. We are working on its translation.
If you have any questions or feedback about our current translation project, feel free to reach out to us!

Description

It is important to ensure that RDS database instances provisioned in your AWS account restrict unauthorized access to minimize security risks. Publicly accessible RDS instances can expose your database to anyone on the internet, increasing the risk of malicious activities such as brute force attacks, SQL injections, or DoS/DDoS attacks. Disabling the Publicly Accessible flag and updating VPC security group settings prevents public access to these instances and protects sensitive data.

Remediation

For instructions on securing RDS instances by disabling public access, refer to Working with RDS Instances in a VPC.